ghost/CHANGELOG.md
pandaadir05 795b9c23fe Clean up documentation and remove unnecessary files
- Rewrote CONTRIBUTING.md in casual, direct style
- Rewrote SECURITY.md to be less formal
- Fixed GitHub URLs in CHANGELOG.md
- Removed formal issue/PR templates
- Removed codecov.yml configuration file

All docs now sound human, not AI-generated.
2025-11-21 13:03:05 +02:00


Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

Unreleased

Added

  • Initial release of Ghost process injection detection framework
  • Cross-platform process enumeration (Windows, Linux, macOS)
  • Memory analysis and RWX region detection
  • Shellcode pattern detection
  • Process hollowing detection with PE header validation
  • MITRE ATT&CK technique mapping
  • Threat intelligence correlation framework
  • Terminal UI (TUI) for interactive monitoring
  • Command-line interface (CLI) for automation
  • Configuration file support (TOML)
  • JSON output format support
  • Hook detection (inline hooks, LD_PRELOAD, ptrace)
  • Thread analysis and enumeration
  • Evasion technique detection framework
  • Behavioral anomaly detection
  • YARA rule engine integration (framework)
  • Event streaming and correlation system
  • CI/CD pipeline with GitHub Actions
  • Comprehensive documentation

Fixed

  • All compilation errors resolved
  • Borrow checker issues in TUI
  • Missing Debug trait implementations
  • Async/await compatibility with tokio
  • Generic type inference in UI rendering
  • Platform-specific import warnings
  • Test suite compilation errors
  • ThreatLevel ordering comparison support
  • DetectionConfig validate method visibility
  • Unused variable warnings across codebase

Changed

  • Improved error handling consistency
  • Enhanced code documentation
  • Optimized memory scanning performance
  • Standardized naming conventions
  • Updated test suite to match current API
  • Implemented macOS memory reading via mach APIs (vm_read)
  • Added Debug trait derives to threat intelligence structures
  • Disabled outdated tests (marked with TODO for updates)

0.1.0 - 2024-11-20

Initial Development Release

  • Core detection engine functional
  • Windows support complete
  • Linux support partial (procfs-based)
  • macOS support limited (enumeration only)
  • TUI and CLI interfaces working
  • Professional codebase structure
  • Clean compilation on all platforms